I got my problem solved - and here is a few things to note and some steps to resolve the issue.
1) you do not need to create augmented users - unless you need extra settings for local logins (you most likely won't have users logging into your mav) - if you are using AD that is - if not just create local users
2) server is buggy - perhaps - but after dealing with this issue for a few days - as much as i want to agree with it i want to say that now it is running very smoothly - and it boils down to order of steps in the install
4) do not change hostnames once it's set up - that will scre it up even worse
here is what i woudl suggest to blow it away and reset it up
1) system pref - users and groups - login options - network account server - edit - unjoin the domain
2) blow away your open directory and profile manager in command line
sudo /usr/share/devicemgr/backend/wipeDB.sh
sudo slapconfig -destroyldapserver
3) reset apache web config
sudo /serveradmin command web:command=restoreFactorySettings
4)make sure your hostname is correct
5) join domain (if needed)
on command line veryfiy ad is working by typing
user "username" where username is username of AD user
6) if AD set up - check dns search order - make sure no local host (127.0.0.1) is in the list
system preferences - network - ethernet - advanced -dns - remove 127.0.0.1 if there (only if using AD)
6) server admin - open directory - settings - change - set up as standalone
configure yoru ldap server - this will reissue signing authority certificate that you will need if you want to sign your configurations profiles for clients (iOS and Mac)
7) then configure profile manager
Reboot after step 2 - step 3, step 6
if you have a firewall infront of the server there will be aditinal ports required for SCEP
http://support.apple.com/kb/TS1629
you will need port 80,443 and 1640
If you have a reverse proxy you will need to set up a trust to the cetificate on the proxy to the authority configured in the open ldap - different topic - but just tought it was worth mentioning